以 https://dns.google/dns-query 为例
加入 edns_client_subnet:
DNS answer is: ;; opcode: QUERY, status: NOERROR, id: 12373
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version 0; flags:; udp: 512
; SUBNET: 110.81.11.0/24/24
;; QUESTION SECTION:
;v.qq.com. IN A
;; ANSWER SECTION:
v.qq.com. 600 IN CNAME v.tc.qq.com.
v.tc.qq.com. 180 IN CNAME v.qq.com.sched.px-dk.tdnsv6.com.
v.qq.com.sched.px-dk.tdnsv6.com. 60 IN A 27.152.187.140
为加入 edns_client_subnet:
DNS answer is: ;; opcode: QUERY, status: NOERROR, id: 32922
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;v.qq.com. IN A
;; ANSWER SECTION:
v.qq.com. 600 IN CNAME p21ovs.tcdn.qq.com.
p21ovs.tcdn.qq.com. 120 IN CNAME ssd.tcdn.qq.com.
ssd.tcdn.qq.com. 180 IN A 203.205.137.236
已经代码为 cloudflare worker 当未设置 edns_client_subnet 时,取来源 IP 为 edns_client_subnet 参数并做了 IP 模糊处理, 当设置 edns_client_subnet 则直接传给上游。
js 只向上游请求 A 记录,AAAA 记录 留在以后做吧。
js 内容应该做 cache 的,留在以后做吧。
const endpointPath = '/dns-query';
const upstream = 'https://dns.google/dns-query';
const headers = {
'accept': 'application/dns-message',
'content-type': 'application/dns-message',
};
function getAdditionalBytes(ip, isIPv4) {
if (isIPv4) {
return new Uint8Array([
0x00, 0x00, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x0b, 0x00, 0x08, 0x00, 0x07, 0x00, 0x01, 0x18, 0x00,
...ip.split('.').slice(0, 3).map(num => parseInt(num).toString(16).padStart(2, '0'))
]);
} else {
return new Uint8Array([
0x00, 0x00, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x0e, 0x00, 0x08, 0x00, 0x0a, 0x00, 0x02, 0x30, 0x00,
...ip.split(':').slice(0, 3).map(num => num.padStart(4, '0'))
]);
}
}
async function fetchUpstream(body) {
return await fetch(new Request(upstream, {
method: 'POST',
headers,
body,
}));
}
async function handleRequestPost(request) {
if (request.headers.get('content-type') !== 'application/dns-message') {
return new Response('bad request header', { status: 400 });
}
const bodyArrayBuffer = await request.arrayBuffer();
const body = new Uint8Array(bodyArrayBuffer);
// Check the 12th byte
if (body[11] === 0x00) {
body[11] = 0x01; // Modify the 12th byte
const ip = request.headers.get('cf-connecting-ip');
const isIPv4 = ip.includes('.');
const additionalBytes = getAdditionalBytes(ip, isIPv4);
// Create a new body with additional bytes
const modifiedBody = new Uint8Array(body.length + additionalBytes.length);
modifiedBody.set(body);
modifiedBody.set(additionalBytes, body.length);
return fetchUpstream(modifiedBody);
}
return fetchUpstream(bodyArrayBuffer);
}
async function handleRequest(request) {
const clientUrl = new URL(request.url);
if (clientUrl.pathname !== endpointPath) {
return new Response('Hello World!', { status: 404 });
}
switch (request.method) {
case 'POST':
return handleRequestPost(request);
default:
return new Response('method not allowed', { status: 405 });
}
}
addEventListener('fetch', event => {
event.respondWith(handleRequest(event.request));
});
目前尚无回复
Select Language